how to build a better cloud - evoswitch.com · how to build a better cloud part two 7 8. ... in a...
TRANSCRIPT
By Patrick van der Wilt, Commercial Director EvoSwitch
PART TWO: IMPLEMENTATION
HOW TOBUILDA BETTERCLOUD
Key considerations for your hybrid cloud journey
Part One of ‘How to Build a Better Cloud’ covered the planning phase -
business needs assessment and outcomes definition, service catalog creation
and delivery model analysis, readiness and interoperability assessment
and internal engagement for a hybrid cloud journey.
This paper covers the next steps, setting out some of the key considerations
when putting these plans into practice. Where to build your private cloud so
that it interconnects seamlessly with your public cloud partners and applications.
Accessing the cloud marketplace. What to look for in cloud providers and
implementation partners. How to avoid lock-in and ensure maximum flexibility
and the best possible management and performance.
The topics covered here are intended to give IT Directors, CIOs and CTOs,
reminders and ideas, with access through online sources and further reading
to deeper information. However, they are also meant to be accessible for
non-technical senior managers who are embarking on the hybrid cloud journey.
As pointed out in Part One, the cloud presents new business opportunities
in every functional area, and requires a closer level of cooperation and
understanding between IT and the rest of the organization than ever before.
Cloud drives cultural change. For the most ambitious businesses, it can be the
foundation for a process of digital transformation. A shared understanding of
the key moving parts of the cloud is a useful starting point for the new habits,
discussions and creative interactions that will take place on this journey.
INTRO
PART TWOHOW TO BUILD A BETTER CLOUD
09 |
08 |
11 |
13 |
15 |
19 |
21 |
25 |
Benefits of the cloud Flexibility, Efficiency, Competitive edge
Location, Location, Location“Cloud exchanges provide high-speed, secure and cost-effective access
to the broadest possible range of cloud service providers and partners.”
The cloud landscape“Although the infrastructure business looks like an oligopoly, there is
no default provider, and you should consider the potential for working
with more than one.”
Picking a partner“To find the right vendor - one that has a lot of experience and
successes under its belt with businesses similar to yours – you will
need to dedicate significant effort to research.”
Avoiding lock-in, enabling growth“It is perfectly practical to have a hybrid between multiple clouds,
or to run multiple solutions across multiple clouds.”.”
Service levels & performance“Standard SLAs tend to fall short when it comes to hybrid cloud
deployments, as each hybrid deployment is different.”
Security: first & last“Security should be central to the cloud delivery models you select
at the outset of your cloud journey, and it should continue to be central
to your day-to-day cloud management.”
ConclusionThe road to the cloud.
How to Build a Better CloudPart Two: Implementation
INDEXPART TWO
6
HOW TO BUILD A BETTER CLOUD
5
FlexibilityScalability: Cloud infrastructure scales up − and down − to support fluctuating
workloads
Storage choice: Choose public, private, or hybrid storage offerings to suit
Control: Set your level of control with as-a-service options, i.e. software as a service
(SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS)
Security: Virtual private cloud, encryption, and/or API keys help keep data secure.
EfficiencyAccessibility: Apps and data accessible from any Internet-connected device
Speed to market: DevOps in the cloud speeds time to market
Data security: Network backups avoid loss of data through hardware failures
Equipment Savings: Using remote resources saves on cost of servers and more
Pay as you go: Utility structure means users only pay for the resources they use.
Competitive edgeStreamlining: Cloud service providers (CSPs) manage underlying infrastructure,
allowing you to focus on the front end
Fresh Tech: Service providers regularly update ensuring the latest technology
Collaboration: Worldwide access means geo-independent teams
Speed: You can partner, create and move workstreams and solutions faster.
BENEFITS OF THE CLOUD
(Don't forget the)
PART TWOHOW TO BUILD A BETTER CLOUD
87
If the infrastructure that you are proposing to shift to the cloud
is still in your own data center, now is the time to move into
cloud-neutral colocation. Cloud traffic is migrating to neutral data
centers at a breathtaking pace. According to Cisco, CAGR is 33%,
and by 2019 86 % of workloads will be processed by cloud data
centers, with only 14% processed by traditional data centers.
One of the reasons for this seismic shift is that cloud-neutral data
centers are optimal locations for hybrid clouds, coupling private
clouds for latency/compliancy sensitive applications and data with
the scalability of public clouds. Cloud-agnostic and carrier-neutral,
they also comply with world-class uptime and sustainability standards,
as well as sector-specific certifications. Cloud-neutral data centers
bring the cloud marketplace to the user, housing partners that can
help IT teams back up data, orchestrate multiple clouds or synchronize
data across multiple devices and locations.
Flexible cloud interconnection is also key. Many neutral cloud data
centers now offer cloud exchanges, such as EvoSwitch’s OpenCloud
exchange, which use vendor-neutral, widely accepted standards
for the benefit of service providers, brokers and users.
LOCATION,LOCATION,LOCATION.
GOOGLECLOUD
AMAZONAWS
MICROSOFTAZURE
PUBLICCLOUDPUBLIC
INTERNET
MANAGED CUSTOMERPRIVATE CLOUD
CUSTOMERPRIVATE CLOUD
CUSTOMER PREMISES
INTERNETPROVIDER
OpenCloud offers low-latency routes directly to the public cloud providers and partners you need.
The genuinely neutral exchanges allow real-time trading
of bandwidth, supported by a bilateral contract with suppliers.
They provide high-speed, secure and cost-effective access to the
broadest possible range of cloud service providers and partners,
including, but not limited to, large IaaS players like Microsoft,
Amazon, Google, Rackspace, Softlayer or VMware.
Businesses can also evolve easily into cloud service providers in
this environment, building or commissioning their own cloud services
using open source cloud development partners. Businesses that
join these fast-expanding cloud marketplaces can provision and
deprovision resources based on context, application, desktops,
and business unit. This makes them much more agile and constitutes
a significant step up in digital transformation capability.
10
HOW TO BUILD A BETTER CLOUD
9
PART TWO
1&1
UPCLO
UD
CITY C
LOUD
CLOUDSI
GMA
GOO
GLE C
OM
PUTE
CENTU
RYLIN
K
VCLOUD A
IR
CLOUDW
ATT
PRO
FITB
RICKS
ARUBA CLO
UD
RACKSPACE
UK
DATACEN
TRED
PHO
ENIX
NAP
AZURE
AMAZO
N
INTE
ROUTE
IBM
SO
FTLA
YER
DIMEN
SIO
N DATA
VERIZ
ON
0
20
40
60
80
100
CLO
UD
SPEC
S SC
OR
E
The definition of cloud has expanded over the last few years, and
the range of public platform, infrastructure and software services
is still growing fast. But - at the platform and infrastructure level -
there are still just a few famous names that lead the sector.
The following are the top three:
THE CLOUD LANDSCAPE
If you choose to locate your infrastructure with a major service
provider, the breadth of additional services tends to be key to the
selection decision. These parameters will have been mapped already
in your Service Catalog (see Part One, Planning). But remember,
although the infrastructure business looks like an oligopoly, there
is no default provider, and you should consider the potential for
working with more than one. It’s simply a question of best fit with
your business.
There are many more providers than ‘the big three’, with much
to recommend them. In a recent price-performance evaluation
by CloudSpecs of the leading European IaaS providers, Google,
Azure, and AWS were rated as #5, #14 and #15 respectively.
AWS - ‘the iphone of
the cloud’- still holds by
far the largest market
share globally, but like the
iphone, the competition is
closing the gap. AWS
offers a huge range of
services with winning
performance, but requires
a more DIY approach,
mainly due to their lack of
existing business apps.
Microsoft Azure is well
represented by partners in
Europe, has the benefit of
seamless integration with
onsite MS apps like
Office, SQL and Visual
Studio, and is increasingly
well integrated with open
source developer plat-
forms like Linux. The
platform is currently catch-
ing up to AWS.
Google Cloud offers
access to the custom-built
solutions and infrastruc-
ture that have driven
Google’s global success.
The platform is perfect for
Google Apps with a
particularly strong Big
Data portfolio.
Overall CloudSpecs Ranking
HOW TO BUILD A BETTER CLOUD PART TWO
11 12
IaaS and PaaS tend to be delivered through partner businesses
with local infrastructure and experts. The alternatives are either
self-management or contracting of a third-party integrator.
Self-management is ideal if this is manageable, but this is unusual.
Generally, it is necessary to involve specialists for design,
implementation and orchestration.
Third party consultants can deliver excellent value over a short project.
However, the fact that it is often not possible to build a long-term
relationship means that the relationship is not so investable, so responsi-
bilities and liability need to be very clearly set out at the beginning.
PICKING A PARTNER
Top 10 questions to ask prospective cloud partners:
1 Can you prove how reliable you are? Your standards and certifications need to match ours.
2 What are your T&Cs? Not your IaaS providers, yours. If something goes wrong can you fix it or do you pass it on?
3 Will you commit your staff to spending significant amounts of time on-premise?
4 Do you have an issue with working weekends, e.g. for migration?
5 What are your hours? (when it comes to critical data, 9-5 won’t do!)
For most, delivery through a partner business is a good option, and
there are many excellent providers to choose from. To find the right
vendor - one that has a lot of experience and successes under its belt
with businesses similar to yours – you will need to dedicate significant
effort to research.
Talk to your colocation provider; we want your implementation to work
first time and have years of experience in migration and troubleshoot-
ing, as well as good working relationships with a range of service and
connectivity providers. Sign up and research groups and associations.
Remember that face to face communication is often fuller and franker
than published material, so attend events.
When you have a shortlist, request statistics on reliability (uptime,
availability) and security. Ask for and follow up references. Meet with
other clients that are of a similar size or have similar needs and find
out what they have learned from their own cloud experiences. Ask
about pricing. Ask about the features they are getting and which ones
they wish they were getting. Ask about any security and reliability
issues. You need to know everything that could possibly go wrong in
order to stop it happening.
When you are getting to know a cloud partner, don’t forget the obvious questions:
6 Can you show me some satisfied customer content like customer cases and endorse-ments?
7Have you got experience in my sector? (check the website; ask for contact with previous customers).
8Do you sell competing products? Look out for potential conflicts of interest.
9 Does your portfolio (and footprint) map to my digital needs, not just now but as I grow? (and how fast are you growing anyway?)
10Just how well do you understand the product you are selling? (come and present the features to the team and explain the opportunities they offer).
PART TWOHOW TO BUILD A BETTER CLOUD
1413
While there is potential for waste, consider using more than one
provider because this lets you compare partners in a real-world
situation. It is perfectly practical – and becoming increasingly
common - to have a hybrid between multiple clouds, or to run
multiple solutions across multiple clouds. As mentioned in Part
One: Planning, Rightscale estimate that enterprises are running
applications in an average of 1.8 public clouds and 2.3 private
clouds and experimenting with around the same number in each
category. As time passes, you can migrate more to the one that
you like the best. Regard this flexibility as an investment.
Migration is a disruptive process and this is a long-term move, so
it’s important to get maximum flexibility and optimum support.
Again, geography should come into your considerations. Factors like
emerging data protection regulations and IoT/Machine-to-Machine
communications can require major infrastructure extensions. Also, your
cloud infrastructure should be ready to support you in new markets.
Regional reach and redundancy can be enabled through the flexible
interconnections in a cloud-neutral data center. Pick your traffic region,
add an availability zone, and include backup sites to overcome any
Single Point of Failure. Then provision your server and configure your
services. The process is straightforward and – in a carrier-neutral
environment - cost-effective. Then you can expand to other zones and
regions as needed.
AVOIDING LOCK-IN,ENABLING GROWTH
HOW TO BUILD A BETTER CLOUD PART TWO
15 16
YOUR CLOUD INFRASTRUCTURE SHOULD
BE READY TO SUPPORT YOU IN NEW MARKETS
PART TWOHOW TO BUILD A BETTER CLOUD
17 18
SERVICE LEVELS& PERFORMANCE
Standard SLAs tend to fall short when it comes to hybrid cloud
deployments, as each hybrid deployment is different. SLAs need to
establish clear guidelines of engagement for both the user and
service provider.
The SLA should address three primary risk areas:
Data
Who secures the link when data leaves the private cloud? There are
privacy and integrity concerns associated with this data movement
because the privacy controls in the public cloud vary significantly from
the private cloud. The SLA should address data custody, control,
possession, and right of return.
Compliance
Businesses still need to comply with regulations that pertain to data
governance, even if data leaves the premise. SLAs need to clearly
outline the service provider’s compliance with regulations like
Sarbanes-Oxley, healthcare data or payment standards (PCI).
Audit
SLAs should cover access to the documents necessary to demonstrate
compliance to an auditor and also specify who pays for the service
provider’s time during an audit.
Availability and Performance
Availability generally means different things depending on the
services offered. For IaaS, availability is usually defined in terms of
infrastructure, such as cloud servers and storage. For PaaS, availability
may be defined in terms of functionality and access to the platform,
and for SaaS providers, availability will be defined in terms of
application and data availability. Ensure that guarantees and
definitions are clearly outlined in the SLA.
Outages & Updates
What happens when a portion of the hybrid cloud becomes
unavailable due to an outage or a natural disaster? Whether the
problem occurs in the private cloud or the public cloud, the SLA
should spell out a coordinated and transparent process so that both
parties work together to resolve the problem at hand. Update
schedules should also be clearly defined in the SLA.
PART TWOHOW TO BUILD A BETTER CLOUD
19 20
One of the great benefits of the cloud is the variable levels of
security it can bring, with built-in encryption, and/or API keys to
help keep data secure, as well as dedicated service providers
offering the latest solutions to security challenges. There is also an
increasing range of specialist security solution providers, many of
them focused on identifying danger signs from user behaviour.
However, with the growth in cyber attacks, in particular data theft,
DoS and DDoS, security represents one of the cloud’s greatest
challenges. Security should be central to the cloud delivery models
you select at the outset of your cloud journey, and it should continue
to be central to your day-to-day cloud management.
By evaluating and managing the security of your cloud services, it is
possible to mitigate risk and maintain, or even surpass, the levels of
security in the traditional IT environment. But this requires a very
rigorous and transparent approach.
SECURITY:FIRST & LAST
Key considerations should be:
Ensuring effective governance, risk and compliance processes are in place
Auditing operational and business processes
Managing people, roles and identities
Ensuring adequate protection of data and information
Policing and enforcing privacy policies
Assessing security provisions for cloud applications
Ensuring cloud networks and connections are secure
Evaluating security controls on physical infrastructure and facilities
Managing security terms in the cloud service agreement
Understanding the security requirements of the
contract conclusion/exit process
PART TWOHOW TO BUILD A BETTER CLOUD
21 2221 22
Top 10 security questions to ask prospective cloud providers:
Expect convincing answers to the following questions, but make sure the responses are also reflected in your contract:
1Who can see my information?
2 Is my data located in multiple data centers in different locations so that it is protected from regional attacks?
3 What redundancies do you have in place to protect my data?
4What specific measures do you take to encrypt my data?
5How do you manage encryption keys?
6What happens and how will you restore my data if there is a crash or cyberattack? (Also how long will it take to complete a request to clone or refresh a database or application?)
7 What security certifications do you have?
8 Are you compliant with the latest security protocols?
9 If a breach occurs, what are the provider’s policies regarding disclosure, and how long before you are notified?
10 If you are a reseller, who is responsible for service and support?
PART TWOHOW TO BUILD A BETTER CLOUD
23 24
While the stages and considerations set out in this and the
previous paper on planning are by no means exhaustive, they will
hopefully give readers planning the move to hybrid a framework
for discussion as well as some fresh ideas:
Part 1: Planning
Business needs definition
Outcomes definition and articulation
Cloud Portfolio/Service Catalog creation
Cloud Delivery Model analysis
Culture check, internal stakeholder engagement program
Cloud Readiness Assessment, budgeting, ROI analysis
Cloud Roadmap launch
Resource Review: data and team
Part 2: Implementation
Cloud-neutral colocation and marketplace access
Cloud provider selection
Expert partner assessment and selection
Multi-cloud approach and geographies
SLA and Security, processes and considerations
A final few words. Dedicating your valuable time to the research,
planning and negotiation necessary to build a better hybrid cloud
will pay major dividends. Handled correctly, it will drive profit
from cost, putting IT at the heart of new product development
and revenue generation, enabling the expansion – and ultimately
the transformation – of your business.
CONCLUSION: THE ROAD TO THE HYBRID CLOUD
HOW TO BUILD A BETTER CLOUD PART TWO
25 26
SOURCES& FURTHER READING
McAfee State of Cloud & Securitywww.mcafee.com/us/solutions/lp/cloud-security-report.html
Cisco Cloud Indexhttp://www.cisco.com/c/en/us/solutions/collateral/service-provider/global-cloud-index- gci/Cloud_Index_White_Paper.html
Public IaaS Competition webinarhttps://www.sitepoint.com/a-side-by-side-comparison-of-aws-google-cloud-and-azure/
Very readable comparison AWS to Azurehttp://www.euroitgroup.com/aws-vs-azure-cloud-computing-comparison/
Azure v AWS deckhttps://www.slideshare.net/rightscale/azure-vs-aws-best-prac
Shifting market shares big threehttp://www.cnbc.com/2017/04/27/microsoft-azure-growing-faster-than-aws-google- cloud-behind.html
Shared Responsibilityhttps://blogs.msdn.microsoft.com/azuresecurity/2016/04/18/what-does-shared- responsibility-in-the-cloud-mean/
CloudSpectator Top 10 European CSPshttp://connect.cloudspectator.com/european-cloud-service-providers-report-download
SLA Guidehttp://www.cloud-council.org/deliverables/practical-guide-to-cloud-service-agreements.htm
Security 10 Steps (2015 version)http://www.cloud-council.org/deliverables/CSCC-Security-for-Cloud-Computing-10- Steps-to-Ensure-Success.pdf
There is a huge amount of free information available. Here is a selection worth exploring:
NewsThe WHIR news and info: www.thewhir.com/category/cloud-computingCloudTech: useful news stream: www.cloudcomputing-news.netNetworkWorld from IDG: www.networkworld.com
InsightsDetailed planning: www.cloudindustryforum.org/content/cloud-adoption-roadmap 451 cloud research and insights: www.451research.comHybrid considerations: www.computerworld.com/article/2834193/cloud-comput-ing/5-tips-for-building-a-successful-hybrid-cloud.htmlEuroCloud pan-European know-how and standards: www.eurocloud.orgPerformance and pricing analysis: www.cloudspectator.com
GroupsSpiceworks Cloud Computing & SaaS forum: www.community.spiceworks.comGoogle forum: www.groups.google.com/forum/#!forum/cloud-computingLinked in Virtualization & Cloud Computing Group: www.linkedin.com/groups/57400/profileLinked in Cloud Security Alliance: www.linkedin.com/groups/1864210/profile
StandardsEuropean Cloud Standards Coordination: www.csc.etsi.orgCloud Standards Customer Council: www.cloud-council.org
TrainingDigitale Infrastructuur Nederland: Cloud University project: www.dinl.nl/en/dossiers/cloud-universityInteractive learning: www.cloudindustryforum.org/content/e-learning-courses
CasesCIO insights on cloud journey (hospitality, automotive, events, gaming): www.i-cio.com/strategy/cloud/item/four-pioneering-cios-on-the-journey-to-a-cloud-centric-worldFinancial services sector move to hybrid presentation: www.vimeo.com/152443510
PART TWOHOW TO BUILD A BETTER CLOUD
2827
Colophon
TextThe Communication Matrix LtdSander DeutekomPatrick van der Wilt Eric Boonstra
Date of publicationSeptember 12, 2017
DesignStudio Piraat
Acknowledgements:Many thanks to Leahanne Hobson of Alinea Partners for cloud purchasing insights gained in the execution of the company’s Secret Shopping and Customer Experience Certification programme